International Journal of Computing and Business Research (IJCBR)
|
|
- Patience Harris
- 7 years ago
- Views:
Transcription
1 AN INVESTIGATION OF GSM ARCHITECTURE AND OVERLAYING WITH EFFICIENT SECURITY PROTOCOL Karun Madan, Surya World Institute of Engg. & Technology, Rajpura, Punjab ABSTRACT The Global System for Mobile Communications (GSM) network is a standard structure used by most of the mobile phone networks all around the world. According to facts gathered by an organization known as the GSM Association, approximately 80 percent of all mobile phones all around the world are branch of this network. In recent years, M-banking has emerged as the main division of e-commerce and m-commerce. Nowadays, Mobile banking services comprises of information inquiry, notifications as well as alerts, payment transfer etc. Mobile application handset is used for linking customer handset with the server of the bank for all above mentioned services. Present Mobile-banking applications used by most banks are facing security challenges basically due to the security architecture of GSM network. The security architecture of the cellular network is not completely secure. Global System for Mobile communication network infrastructure is proven to be unsafe and many types of possible attacks have been exposed. So that sending sensitive banking information across the open mobile phone network is totally insecure. In this paper, we first discuss GSM architecture and then present SMS based secure mobile banking approach which improves security with lowest possible cost. In this method bank hides customer transaction data via secure SMS using AES symmetric cryptographic algorithm. Customer application decrypts data in safe manner. 1. INTRODUCTION In this project, first we investigate GSM architecture and then we will discuss security issues with the GSM architecture. Finally we will present method to improve security of M-banking using SMS based secure approach. The aim is to construct portable device applications that ensure client can securely send their banking information via the mobile network. The main
2 problem with the current mobile banking system is that they send data directly to clients in plain text form and compromising with the security. Present M-banking applications used by most of the banks are facing security challenges for payment transfer[1]. Mostly banks are using secure payment gateway as well as security measures, which increases their cost and infrastructure for their bank. But major day-to-day banking activities are not only payment transfer but inquiries, notifications and alerts as well. In section 2, we discuss GSM architecture and then in section 3, we will present security mechanisms in the GSM network. In section 4, we will present SMS based secure mobile banking approach to improve security on this GSM architecture. 2. GSM ARCHITECTURE As earlier stated, According to facts gathered by an organization known as the GSM Association, approximately 80 percent of all mobile phones all around the world are branch of this network. Phones on this type of GSM network actually use a Subscriber Identity Module (SIM) card. One of the main objectives of the GSM network is to facilitate effortless access to cellular and satellite systems across international lines. Using present digital technology, it makes use of both speech and data channels [2]. Figure 1 shows the fundamental structure of the GSM architecture; GSM offers both SMS and GPRS services. The GPRS is an integrated part of basic GSM network; it is encrusted over the underlying GSM network. GPRS also employ some of the already offered GSM network elements like Mobile Switching Centers (MSC), Base Station Subsystems (BSS), Home Location Registers (HLR) and Authentication Centers (AUC).
3 ISC SMS BSC MSC VLR HLR AUC EIR BSC MS OMC BTS Figure 1. GSM Architecture
4 BSC BASE STATION COTROLLER MSC MOBILE SWITCH CENTRE OMC- OPERATION AND MANAGEMENT CENTRE MS - MOBILE STATION BTS - BASE TRANSCEIVER STATION SMSC SHORT MESSAGE SERVICE CENTRE ISC INTERNATIONAL SWITCHING CENTRE EIR- EQUIPMENT IDENTITITY REGISTER AUC- AUTHENTICATION CENTRE HLR HOME LOCATION REGISTRY VLR - VISITOR LOCATION REGISTRY Key Terms The supplementary GPRS network elements to the already existing GSM network include; GPRS tunneling protocol (GTP), GPRS Support Nodes (GSN), (Packet Data Protocol) PDP Context as well as Access points. 3 SECURITY MECHANISMS IN THE GSM NETWORK GSM has techniques to authenticate and encrypt data exchanged on GSM network. The GSM network has some safety mechanism to check activities like Subscriber Interface Module (SIM) cloning, and to put off unlawfully used handsets. 3.1 GSM Authentication Center The SIM card authentication is performed when a mobile station in the beginning attempts to connect to the network, or in other words, when a terminal is switched on. The GSM authentication center is in operation to authenticate each SIM card which makes an attempt to
5 connect to GSM network. If in case, authentication fails then no services will be offered by the GSM network operator, otherwise the SGSN and HLR are allowed to administer the services associated with the SIM card. 3.2 Problems with the A3/A8 authentication algorithm A3/A8 is the algorithm used to authenticate a handset on a mobile network. In A3/ A8 the generally used algorithm is COMP128[3]. COMP128 was cracked by Wagner and Goldberg almost effortlessly. This raises apprehension of having GPRS as a secure mechanism. By cracking COMP128 Wagner and Goldberg proved that it is possible to attain the Ki value, so making it possible to achieve SIM cloning[4]. There has been a publish of COMP128-2 and COMP128-3 to deal with the SIM cloning issues, but still, the majority of the SIMs are using COMP Problems with A5 algorithm To prevent unfussy eavesdropping by encrypting the communications between mobile station (handset) and the BSS, the A5 algorithm is used. Kc is actually the Ki and RAND value put into the A5 algorithm[5]. This Kc value is basically a secret key used along with A5 algorithm for encryption in between the mobile station and BSS. 4. SMS SOLUTION FOR SECURE BANKING The secure messaging protocol overcomes the on hand security deficits in the GSM architecture. The solution for the above mentioned problems is to impart a secure messaging protocol which actually uses SMS. The secure messaging protocol has been integrated along with mobile banking system to improve the security of M-banking. 4.1 Protocol Sequences Secure SMS protocol is basically divided in two parts[6]. The first part is mainly message generation. The mobile handset generates the message and sends it to the server of the bank. The second part is basically message security checks. The server of the bank, examines the received message, decodes the contents, present in it and carries out security checks. The subsequent subsections describe each part of the protocol in detail.
6 Encryption using one time password USER ENTER BANKING DETAIL USER IDENTITY Message Digest CREATE SECURE SMS MESSAGE BANK SERVE R SEND SMS VIA GSM NETWORK 1. Check User Identity 2. Decrypt using one time password 3. Check the message Digest PERFORM TRANSACTIONS 4.Authenticate UPDATE DATABASE
7 4.2 Generating and Sending Secure SMS Messages User put all the required security information in mobile device. This information is used to create the secure SMS message for sending to the server. The mobile device has a preset version pattern of bytes[7]. This pattern is also inserted while creating the message. Hash value can ensure message integrity for the receiver side of the link[8]. Message integrity is needed to encrypt contents that are used for computing the message digest. Now the message is intercepted and the intruder cannot use the encrypted contents to construct another digest. The integrity validation will not pass if any part of the original message is altered. Some identification details should not be encrypted to let the receiver identify the account holder. The key used in this algorithm, for encryption is constructed from the one-time password of the client[9]. Only the server and the user have the knowledge of one-time passwords.
8 Figure 2. SMS based Protocol 4.3 Receiving and Decoding Secure SMS Message After receiving the message, server breaks the message and first checks the pattern of the version bytes. By doing this server come to know that message is fit for the secure SMS protocol[10]. Next, the server checks if the account identifier is exist in the server database as well. Now the server recovers the sequence number and checks if the sequence number recovered from the message matches with the seq. no. from the server s database. Now server gets the one-time password from the database. This password is indexed by sequence number and the account identifier. So the server uses this password as the decryption key to decipher the encrypted contents. After successful decryption, one-time password is discarded[11]. After all this, the server uses the secure contents required for the computing message digest. The message digest is computed using the same algorithm as used by mobile device. Now server compares the two digests for checking the message integrity[12]. After this, server takes the PIN from the message and then compares it with the account holder s PIN from the server s database. The server performs the requested transaction after all the above mentioned security checks. 5. CONCLUSION & FUTURE WORK There are many fields that would benefit from SMS based security measures. Security solutions were restricted because of physical infrastructure of GSM network. The security architecture of the cellular network is not completely secure, as we have seen so many loopholes in the GSM architecture. Many of the inherent disadvantages of such networks can be treated with the use of SMS based security. Secure SMS approach uses the concept of One time password, hashing function, PIN no. and message digest computing etc, to provide the clients secure transactions using mobile banking. Still a lot of work has to be done on the authentication process. In a nutshell, idea is to use secured messages over GSM networks in mobile banking without worrying about security concerns in order to take full advantage of the facility provided by the banking sector.
9 6. REFERENCES [1] Manoj V, Bramhe. Sms based Secure Mobile Banking. In International Journal of Engineering and Technology Vol.3 (6), 2011, [2] Kelvin Chikomo and Ming Ki Chong. Security of mobile banking Project proposal [3] Biryukov, A. Shamir, A. Wagner, D. Real Time Cryptanalysis of A5/1 on a PC. In Fast Software Encryption Workshop, 2000 Stallings, W. Network Security Essentials Applications and Standards, international second ed. Prentice Hall, [4] Steve Lord, X-Force Security Assessment Services, and Internet: Trouble at the Telco When GSM goes bad. In Network Security, 2003(1):10 12, 2003 [5] Margrave, D. GSM Security and Encryption. Available from: (1999); accessed 27 October [6] SMSSpoofing: Everything you ever wanted to know about SMS spoofing [7] Burak Bayoglu: Performance evaluation of WTLS handshake protocol using RAS and elliptic curve cryptosystems, 2004 [8]. Wagner, D. GSM Cloning. Smartcard Developer Association and ISAAC security research group. Available from: (1998); accessed 28 October 2006 [9] R. Chaudhri, G. Borriello, and W. Thies. FoneAstra: Making mobile phones smarter. In ACM Workshop on Networked Systems for Developing Regions. ACM, Oct [10]. WAP Forum, Wireless Application Protocol Architecture Specification, Version 12-Jul-2001, from [11] Kelvin Chikomo, Ming Ki Chong, Alapan Arnab, Andrew Hutchison. Security of Mobile Banking [12]. A. Chaia, A. Dalal, T. Goland, M. J. Gonzalez, J. Morduch, and R. Schiff. Half the world is unbanked. Financial Access Initiative Framing Note, Oct
International Journal of Computing and Business Research (IJCBR) INSECURE GSM NETWORK AND SECURITY SOLUTIONS FOR MOBILE BANKING
INSECURE GSM NETWORK AND SECURITY SOLUTIONS FOR MOBILE BANKING Karun Madan, Surya World Institute of Engg. & Technology, Rajpura, Punjab ABSTRACT Out of the many revolutions in the current world, mobile
More information2G/3G Mobile Communication Systems
2G/3G Mobile Communication Systems Winter 2012/13 Integrated Communication Systems Group Ilmenau University of Technology Outline 2G Review: GSM Services Architecture Protocols Call setup Mobility management
More informationSecurity features include Authentication and encryption to protect data and prevent eavesdropping.
What is a SIM card? A SIM card, also known as a subscriber identity module, is a subscriber identity module application on a smartcard that stores data for GSM/CDMA Cellular telephone subscribers. Such
More informationMobile Office Security Requirements for the Mobile Office
Mobile Office Security Requirements for the Mobile Office S.Rupp@alcatel.de Alcatel SEL AG 20./21.06.2001 Overview Security Concepts in Mobile Networks Applications in Mobile Networks Mobile Terminal used
More informationGSM Network and Services
GSM Network and Services GPRS - sharing of resources 1 What is the problem? Many data applications are very bursty in its traffic pattern: http, smtp, pop, telnet,... Why reserve physical resources at
More informationGlobal System for Mobile Communication Technology
Global System for Mobile Communication Technology Mobile Device Investigations Program Technical Operations Division DHS - FLETC GSM Technology Global System for Mobile Communication or Groupe Special
More informationMaster Thesis Project Plan
Master Thesis Project Plan Mobile Banking in Developing Countries Secure Framework for Delivery of SMS-banking Services. Author: Abunyang Emmanuel Student Number: s0535249 Supervisor: Prof. Dr. Bart Jacobs
More informationThe GSM and GPRS network T-110.300/301
The GSM and GPRS network T-110.300/301 History The successful analog 1:st generation mobile telephone systems proved that there is a market for mobile telephones ARP (AutoRadioPuhelin) in Finland NMT (Nordic
More informationAuthentication and Secure Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography
ISSN (Online): 1694-0784 ISSN (Print): 1694-0814 10 Authentication and Secure Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography Wilayat Khan 1 and Habib Ullah 2 1 Department of Electrical
More informationMobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services MASTER THESIS
Mobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services MASTER THESIS Author: Abunyang Emmanuel Student Number: s0535249 Radboud University Nijmegen. The Netherlands
More informationSolution for Non-Repudiation in GSM WAP Applications
Solution for Non-Repudiation in GSM WAP Applications CRISTIAN TOMA, MARIUS POPA, CATALIN BOJA Economic Informatics Department Academy of Economic Studies Romana Square No. 6, Bucharest ROMANIA cristian.toma@ie.ase.ro
More informationUsing an approximated One-Time Pad to Secure Short Messaging Service (SMS)
Using an approximated One-Time Pad to Secure Short Messaging Service (SMS) N.J Croft and M.S Olivier Information and Computer Security Architectures (ICSA) Research Group Department of Computer Science
More informationHow To Understand The Gsm And Mts Mobile Network Evolution
Mobile Network Evolution Part 1 GSM and UMTS GSM Cell layout Architecture Call setup Mobility management Security GPRS Architecture Protocols QoS EDGE UMTS Architecture Integrated Communication Systems
More informationMobile Wireless Overview
Mobile Wireless Overview A fast-paced technological transition is occurring today in the world of internetworking. This transition is marked by the convergence of the telecommunications infrastructure
More informationAn Example of Mobile Forensics
An Example of Mobile Forensics Kelvin Hilton K319 kchilton@staffsacuk k.c.hilton@staffs.ac.uk www.soc.staffs.ac.uk/kch1 Objectives The sources of evidence The subscriber The mobile station The network
More informationMobile Security. Practical attacks using cheap equipment. Business France. Presented the 07/06/2016. For. By Sébastien Dudek
Mobile Security Practical attacks using cheap equipment Presented the 07/06/2016 Business France By Sébastien Dudek For Content Security measures Recent publications in the hacking community Practical
More informationGPRS Network Security
AT&T Wireless Services, Inc. GPRS Network Security Document Number 12199 Revision 0.4.5 Peter Rysavy, Primary Contributing Writer Product Development AT&T Wireless Services, Inc. PO Box 97061 Redmond,
More informationLecture overview. History of cellular systems (1G) GSM introduction. Basic architecture of GSM system. Basic radio transmission parameters of GSM
Lecture overview History of cellular systems (1G) GSM introduction Basic architecture of GSM system Basic radio transmission parameters of GSM Analogue cellular systems 70 s In the early 70 s radio frequencies
More informationThe GSM Standard (An overview of its security)
Interested in learning more about security? SANS Institute InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. The
More informationCOST EFFECTIVE AND SECURED MOBILE BANKING SOLUTION USING SYMMETRIC CRYPTOGRAPHY
Int Jr of Advanced Computer Engineering and Architecture Vol. 1, No. 1, June 2011 Copyright Mind Reader Publications www.ijacea.yolasite.com COST EFFECTIVE AND SECURED MOBILE BANKING SOLUTION USING SYMMETRIC
More informationPM ASSIGNMENT. Security in Mobile Telephony and Voice over IP
PM ASSIGNMENT Security in Mobile Telephony and Voice over IP Christian Wallin Christian.wallin.7513@student.uu.se Danlu Fu danlu.fu.6095@student.uu.se David Alfonso david.alfonso.5823@student.uu.se 1.
More informationTheory and Practice. IT-Security: GSM Location System Syslog XP 3.7. Mobile Communication. December 18, 2001. GSM Location System Syslog XP 3.
Participant: Hack contacting... IT-Security: Theory and Practice Mobile Communication December 18, 2001 Uwe Jendricke uwe@iig.uni-freiburg.de Lecture Homepage: http://www.informatik.uni-freiburg.de/~softech/teaching/ws01/itsec/
More informationHandoff in GSM/GPRS Cellular Systems. Avi Freedman Hexagon System Engineering
Handoff in GSM/GPRS Cellular Systems Avi Freedman Hexagon System Engineering Outline GSM and GSM referemce model GPRS basics Handoffs GSM GPRS Location and Mobility Management Re-selection and routing
More informationMobile Communications
October 21, 2009 Agenda Topic 2: Case Study: The GSM Network 1 GSM System General Architecture 2 GSM Access network. 3 Traffic Models for the Air interface 4 Models for the BSS design. 5 UMTS and the path
More informationSecurity in the GSM Network
Security in the GSM Network Ammar Yasir Korkusuz 2012 Bogazici University, Electrical-Electronics Engineering Department, MSc. Student EE 588 NETWORK SECURITY TERM PROJECT Abstract: GSM is the biggest
More informationGSM GPRS. Course requirements: Understanding Telecommunications book by Ericsson (Part D PLMN) + supporting material (= these slides)
GSM Example of a PLMN (Public Land Mobile Network) At present most successful cellular mobile system (over 200 million subscribers worldwide) Digital (2 nd Generation) cellular mobile system operating
More informationWireless Cellular Networks: 1G and 2G
Wireless Cellular Networks: 1G and 2G Raj Jain Professor of Computer Science and Engineering Washington University in Saint Louis Saint Louis, MO 63130 Audio/Video recordings of this lecture are available
More informationSecurity Measures and Weaknesses of the GPRS Security Architecture
Security Measures and Weaknesses of the GPRS Security Architecture Christos Xenakis Security Group, Communication Networks Laboratory, Department of Informatics & Telecommunications, University of Athens,
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More information!!! "# $ % & & # ' (! ) * +, -!!. / " 0! 1 (!!! ' &! & & & ' ( 2 3 0-4 ' 3 ' Giuseppe Bianchi
!!! "# $ % & & # ' (! ) * +, -!!. / " 0! 1 (!!! ' &! & & & ' ( 2 3 0-4 ' 3 ' "#$!!% "&'! #&'!%! () *+,, 3 & 5 &,! #-!*! ' & '.! #%!* //!! & (0)/!&/, 6 5 /, "! First system: NMT-450 (Nordic Mobile Telephone)
More informationWireless Telecommunication Systems GSM, GPRS, UMTS. GSM as basis of current systems Satellites and
Chapter 2 Technical Basics: Layer 1 Methods for Medium Access: Layer 2 Chapter 3 Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Networks: Wireless Telecommunication Systems GSM, GPRS,
More informationA study of user authentication using mobile phone
A study of user authentication using mobile phone Steffen Gullikstad Hallsteinsen Master of Science in Communication Technology Submission date: June 2007 Supervisor: Van Thanh Do, ITEM Co-supervisor:
More informationUMTS security. Helsinki University of Technology S-38.153 Security of Communication Protocols k-p.perttula@hut.fi 15.4.2003
UMTS security Helsinki University of Technology S-38.153 Security of Communication Protocols k-p.perttula@hut.fi 15.4.2003 Contents UMTS Security objectives Problems with GSM security UMTS security mechanisms
More informationMobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu
Mobile Communications Chapter 4: Wireless Telecommunication Systems slides by Jochen Schiller with modifications by Emmanuel Agu Market GSM Overview Services Sub-systems Components Prof. Dr.-Ing. Jochen
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationMOBILE COMPUTING AND M- COMMERCE SECURITY ISSUES
MOBILE COMPUTING AND M- COMMERCE SECURITY ISSUES Krishna Prakash 1 and Balachandra 2 1,2 Department of Information and Communication Technology, MIT Manipal 1 kkp_prakash@yahoo.com, 2 bala_muniyal@yahoo.com
More informationIMT-2000 Network Architecture
IMT-2000 Network Architecture vtoshio Shimoe vtakamichi Sano (Manuscript received May 31, 2002) International Mobile Telecommunication-2000 (IMT-2000) is a third-generation mobile communication system.
More informationGSM Architecture Training Document
Training Document TC Finland Nokia Networks Oy 1 (20) The information in this document is subject to change without notice and describes only the product defined in the introduction of this documentation.
More informationCellular Network Organization. Cellular Wireless Networks. Approaches to Cope with Increasing Capacity. Frequency Reuse
Cellular Network Organization Cellular Wireless Networks Use multiple low-power transmitters (100 W or less) Areas divided into cells Each served by its own antenna Served by base station consisting of
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationSecurity of phone communications
Security of phone communications Authentication, identification and mobile security Matej Kovačič (CC) 2015 This work is published under Creative Commons licence: AttributionNonCommercial-ShareAlike 2.5
More informationM E M O R A N D U M. Wireless Roaming Services for Emergency Medical Facilities
M E M O R A N D U M TO: FROM: RE: Mr. Jim Bugel, AT&T David Robinson, Syniverse Technologies Wireless Roaming Services for Emergency Medical Facilities DATE: December 13, 2007 Automatic wireless roaming
More informationUMTS/GPRS system overview from an IP addressing perspective. David Kessens Jonne Soininen
UMTS/GPRS system overview from an IP addressing perspective David Kessens Jonne Soininen Introduction 1) Introduction to 3GPP networks (GPRS, UMTS) Technical overview and concepts for 3GPP networks Mobility
More informationSecure Socket Layer. Introduction Overview of SSL What SSL is Useful For
Secure Socket Layer Secure Socket Layer Introduction Overview of SSL What SSL is Useful For Introduction Secure Socket Layer (SSL) Industry-standard method for protecting web communications. - Data encryption
More informationDevelopment of Wireless Networks
Development of Wireless Networks Cellular Revolution In 1990 mobile phone users populate 11 million. By 2004 the figure will become 1 billion Phones are most obvious sign of the success of wireless technology.
More informationIn this Lecture" Access method CDMA" Mobile and Sensor Systems Lecture 2: Mobile Medium Access Control Layer and Telecommunications
Mobile and Sensor Systems Lecture 2: Mobile Medium Access Control Layer and Telecommunications Dr. Cecilia Mascolo In this Lecture In this lecture we will discuss aspects related to the MAC Layer of wireless
More informationEncrypted SMS, an analysis of the theoretical necessities and implementation possibilities
Radboud University Nijmegen Bachelor Thesis Encrypted SMS, an analysis of the theoretical necessities and implementation possibilities Author: Lars Lockefeer Supervisors: Engelbert Hubbers Roel Verdult
More informationWorldwide attacks on SS7 network
Worldwide attacks on SS7 network P1 Security Hackito Ergo Sum 26 th April 2014 Pierre-Olivier Vauboin (po@p1sec.com) Alexandre De Oliveira (alex@p1sec.com) Agenda Overall telecom architecture Architecture
More informationWHITE PAPER. August, 2002. Contacts: Christopher Wingert Mullaguru Naidu
C D M A 1 X R T T S E C U R I T Y WHITE PAPER O V E R V I E W August, 2002 Contacts: Christopher Wingert Mullaguru Naidu T A B L E O F C O N T E N T S 1. Executive Summary 2 2. Security CDMA Networks 3
More informationNetwork Security. HIT Shimrit Tzur-David
Network Security HIT Shimrit Tzur-David 1 Goals: 2 Network Security Understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity key
More informationGlobal System for Mobile Communication (GSM)
Global System for Mobile Communication (GSM) Li-Hsing Yen National University of Kaohsiung GSM System Architecture Um (ME/SIM) C E C PSTN, ISDN, PSPDN, CSPDN A-bis A F A-bis C B BTS BSS BSC HLR VLR EIR
More informationMobile Phone Security. Hoang Vo Billy Ngo
Mobile Phone Security Hoang Vo Billy Ngo Table of Content 1. Introduction Page 2 1.1 Analog Network Page 2 1.2 Digital Network Page 2 2. Security Protocols Page 4 2.1 Analog Page 4 2.2 Digital Page 5 3.
More informationGlobal System for Mobile Communications (GSM)
Global System for Mobile Communications (GSM) Nguyen Thi Mai Trang LIP6/PHARE Thi-Mai-Trang.Nguyen@lip6.fr UPMC/PUF - M2 Networks - PTEL 1 Outline Principles of cellular networks GSM architecture Security
More informationGSM Research. Chair in Communication Systems Department of Applied Sciences University of Freiburg 2010
Chair in Communication Systems Department of Applied Sciences University of Freiburg 2010 Dennis Wehrle, Konrad Meier, Dirk von Suchodoletz, Klaus Rechert, Gerhard Schneider Overview 1. GSM Infrastructure
More informationMeasuring the Optimal Transmission Power of GSM Cellular Network: A Case Study
216 Measuring the Optimal Transmission Power of GSM Cellular Network: A Case Study Measuring the Optimal Transmission Power of GSM Cellular Network: A Case Study Dr Basil M Kasasbeh, Applied Science University,
More informationMobile Application Part protocol implementation in OPNET
Mobile Application Part protocol implementation in OPNET Vladimir Vukadinovic and Ljiljana Trajkovic School of Engineering Science Simon Fraser University Vancouver, BC, Canada E-mail: {vladimir, ljilja}@cs.sfu.ca
More informationIMSI Catcher. Daehyun Strobel. 13.Juli 2007. Seminararbeit Ruhr-Universität Bochum. Chair for Communication Security Prof. Dr.-Ing.
IMSI Catcher Daehyun Strobel 13.Juli 2007 Seminararbeit Ruhr-Universität Bochum Chair for Communication Security Prof. Dr.-Ing. Christof Paar Contents 1 Introduction 1 2 GSM (Global System for Mobile
More informationNAVAL POSTGRADUATE SCHOOL THESIS
NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS SHORT MESSAGE SERVICE (SMS) SECURITY SOLUTION FOR MOBILE DEVICES by Yu Loon Ng December 2006 Thesis Advisor: Co-Advisor: Gurminder Singh John Gibson
More informationSecure Sockets Layer
SSL/TLS provides endpoint authentication and communications privacy over the Internet using cryptography. For web browsing, email, faxing, other data transmission. In typical use, only the server is authenticated
More informationWireless Short Message Service (SMS)
Wireless Short Message Service (SMS) Definition Short message service (SMS) is a globally accepted wireless service that enables the transmission of alphanumeric messages between mobile subscribers and
More informationUnderstanding Digital Certificates and Wireless Transport Layer Security (WTLS)
Understanding Digital Certificates and Wireless Transport Layer Security (WTLS) Author: Allan Macphee January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What
More informationGSM. Global System for Mobile Communications, 1992. Security in mobile phones. System used all over the world. Sikkerhed04, Aften Trusler
GSM Global System for Mobile Communications, 1992 Security in mobile phones System used all over the world 1 GSM: Threat Model What Cloning Eavesdropping Tracking Who Criminals Secret Services Why Break
More informationGPRS Overview. GPRS = General Packet Radio Service. GPRS Network
GPRS - Overview GPRS Overview GPRS = General Packet Radio Service INTERNET/ INTRANET GPRS Network abcde X.25 Disclaimer: These overview slides are intended for informational purposes only. They have not
More informationWireless Mobile Telephony
Wireless Mobile Telephony The Ohio State University Columbus, OH 43210 Durresi@cis.ohio-state.edu http://www.cis.ohio-state.edu/~durresi/ 1 Overview Why wireless mobile telephony? First Generation, Analog
More informationSSL A discussion of the Secure Socket Layer
www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record
More informationSFWR ENG 4C03 - Computer Networks & Computer Security
KEY MANAGEMENT SFWR ENG 4C03 - Computer Networks & Computer Security Researcher: Jayesh Patel Student No. 9909040 Revised: April 4, 2005 Introduction Key management deals with the secure generation, distribution,
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationSingle Sign-On Secure Authentication Password Mechanism
Single Sign-On Secure Authentication Password Mechanism Deepali M. Devkate, N.D.Kale ME Student, Department of CE, PVPIT, Bavdhan, SavitribaiPhule University Pune, Maharashtra,India. Assistant Professor,
More informationRoadmap for Establishing Interoperability of Heterogeneous Cellular Network Technologies -3-
Roadmap for Establishing Interoperability of Heterogeneous Cellular Network Technologies -3- Hasni Neji Innov COM Lab, Higher School of Communications of Tunis, Sup Com University of Carthage, Tunis, Tunisia
More informationAuthentication and Security in IP based Multi Hop Networks
7TH WWRF MEETING IN EINDHOVEN, THE NETHERLANDS 3RD - 4TH DECEMBER 2002 1 Authentication and Security in IP based Multi Hop Networks Frank Fitzek, Andreas Köpsel, Patrick Seeling Abstract Network security
More informationTELE 301 Network Management. Lecture 18: Network Security
TELE 301 Network Management Lecture 18: Network Security Haibo Zhang Computer Science, University of Otago TELE301 Lecture 18: Network Security 1 Security of Networks Security is something that is not
More information2 System introduction
2 System introduction Objectives After this chapter the student will: be able to describe the different nodes in a GSM network. be able to describe geographical subdivision of a GSM network. be able to
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication
More informationPICKPOCKETING MWALLETS. A guide to looting mobile financial services
PICKPOCKETING MWALLETS A guide to looting mobile financial services THE GRUGQ Info Sec researcher since 1999 Experience Telcoms Info Sec Banking Info Sec Leads to Mobile Financial Security MOBILE FINANCIAL
More information2G Mobile Communication Systems
2G Mobile Communication Systems 2G Review: GSM Services Architecture Protocols Call setup Mobility management Security HSCSD GPRS EDGE References Jochen Schiller: Mobile Communications (German and English),
More informationCopyright 2005-2007 MyPW LLC.
Simple & Secure Authentication It's common knowledge that most people use the same or similar passwords wherever they have an online account. Because of this, it can only take one security breach for Identity
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationWireless and Mobile Communication
Wireless and Mobile Communication Prof. RambabuMakkena,Prof. Sudhir P. Sitanagre Asm`s IBMR Chinchwad, Pune-19, India Email Id:rambabum@asmedu.org ABSTRACT The success of mobile communications lies in
More informationSECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER
SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER Mrs. P.Venkateswari Assistant Professor / CSE Erode Sengunthar Engineering College, Thudupathi ABSTRACT Nowadays Communication
More informationTeknillinen Korkeakoulu Teletekniikan laboratorio S-38.128 Teletekniikan erikoistyö. General Packet Radio Service
Teknillinen Korkeakoulu Teletekniikan laboratorio S-38.128 Teletekniikan erikoistyö General Packet Radio Service Tekijä: Jani Kokkonen 42916s jkokkone@cc.hut.fi Ohjaaja: Vesa Kosonen Jätetty: 31.1.2000
More informationCellular Network Organization
Cellular Networks Cellular Network Organization Use multiple low-power transmitters (100 W or less) Areas divided into cells o Each served by its own antenna o Served by base station consisting of transmitter,
More informationNetwork Infrastructure Security in Cellular Data Networks: An Initial Investigation
Network Infrastructure Security in Cellular Data Networks: An Initial Investigation Kavita Barapatre, Nirlesh Koshta, Vishal Sharma IIT Bombay, Mumbai, India and Fabio Ricciato Forschungszentrum Telekommunikation
More informationAuthentication Types. Password-based Authentication. Off-Line Password Guessing
Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:
More informationPublic-Key Infrastructure
Public-Key Infrastructure Technology and Concepts Abstract This paper is intended to help explain general PKI technology and concepts. For the sake of orientation, it also touches on policies and standards
More informationReport to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999
Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer February 3, 1999 Frame Relay Frame Relay is an international standard for high-speed access to public wide area data networks
More informationSSL ACCELERATION DEPLOYMENT STRATEGIES FOR ENTERPRISE SECURITY
SSL ACCELERATION DEPLOYMENT STRATEGIES FOR ENTERPRISE SECURITY Introduction OPTIMIZING SSL DEPLOYMENT On-demand business breaks down the traditional network perimeter, creating interconnected systems between
More informationCRYPTOGRAPHY AS A SERVICE
CRYPTOGRAPHY AS A SERVICE Peter Robinson RSA, The Security Division of EMC Session ID: ADS R01 Session Classification: Advanced Introduction Deploying cryptographic keys to end points such as smart phones,
More informationA New Security Protocol Using Hybrid Cryptography Algorithms
International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Special Issue-2, April 2016 E-ISSN: 2347-2693 A New Security Protocol Using Hybrid Cryptography Algorithms
More informationMOBILE CREDIT USING GSM NETWORK TOPUP FOR MOBILE PHONES
Master Thesis Electrical Engineering September 2015 MOBILE CREDIT USING GSM NETWORK TOPUP FOR MOBILE PHONES MEKALA.SAKETHA RAM Faculty of Computing Blekinge Institute of Technology SE-371 79 Karlskrona
More informationAuthentication and Security in Mobile Phones
Authentication and Security in Mobile Phones Greg Rose QUALCOMM Australia ggr@qualcomm.com ABSTRACT Mobile telephone systems have a checkered reputation regarding security and authentication features after
More information... Lecture 11. Network Security II. Information & Communication Security (WS 2014/15) Prof. Dr. Kai Rannenberg
Lecture 11 Network Security II Information & Communication Security (WS 2014/15) Prof. Dr. Kai Rannenberg Deutsche Telekom Chair of Mobile Business & Multilateral Security Goethe University Frankfurt a.
More information2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries
Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application
More informationInternational Journal for Research in Computer Science
TOPIC: MOBILE COMPUTING AND SECURITY ISSUES. ABSTRACT Owodele Odukale The past decade has seen a growth in the use of mobile computing. Its use can be found in areas such as social media, information exchange,
More informationSecurity Engineering Part III Network Security. Security Protocols (I): SSL/TLS
Security Engineering Part III Network Security Security Protocols (I): SSL/TLS Juan E. Tapiador jestevez@inf.uc3m.es Department of Computer Science, UC3M Security Engineering 4th year BSc in Computer Science,
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More informationAuthentication in WLAN
Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing
More informationThree attacks in SSL protocol and their solutions
Three attacks in SSL protocol and their solutions Hong lei Zhang Department of Computer Science The University of Auckland zhon003@ec.auckland.ac.nz Abstract Secure Socket Layer (SSL) and Transport Layer
More information